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(57) Abstract 

The present invention is a method for protecting a 
data signal where the method comprises the following steps: 
applying a data reduction technique (200) to the signal to 
produce a reduced signal, subtracting (60) the reduced data 
signal from the original signal to produce a remainder signal 
(39), embedding (300) a first watermark into the reduced 
data signal to produce a watermarked redued data signal, 
and adding (50) the watermarked reduced signal to the 
remainder signal to produce an output signal (90). A second 
watermark (301) may be embedded into the remainder 
signal (39) before the final addition (50) step. Cryptographic 
techniques may be employed to encrypt the remainder signal 
and/or the reduced signal prior to the addition step (50). 
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UTILIZING DATA REDUCTION IN STEGANOGRAPHIC 
AND CRYPTOGRAPHIC SYSTEMS 

FIELD OF INVENTION 

This invention relates to digital signal processing, and more particularly to a 
method and a system for encoding at least one digital watermark into a signal as a 
means of conveying information relating to the signal and also protecting against 
unauthorized manipulation of the signal. 

BACKGROUND OF INVENTION 

Digital watermarks help to authenticate the content of digitized multimedia 
information, and can also discourage piracy. Because piracy is clearly a disincentive 
to the digital distribution of copyrighted content, establishment of responsibility for 
copies and derivative copies of such works is invaluable. In considering the various 
forms of multimedia content, whether "master," stereo, NTSC video, audio tape or 
compact disc, tolerance of quality will vary with individuals and affect ithe underlying 
commercial and aesthetic value of the content. It is desirable to tie copyrights, 
ownership rights, purchaser information or some combination of these and related data 
into the content in such a manner that the content must undergo damage, and therefore 
reduction of its value, with subsequent, unauthorized distribution, commercial or 
otherwise. Digital watermarks address many of these concerns. 

A matter of general weakness in digital watermark technology relates directly 
to the manner of implementation of the watermark. Many approaches to digital 
watermarking leave detection and decode control with the implementing party of the 
digital watermark, not the creator of the work to be protected. This weakness removes 
proper economic incentives for improvement of the technology. One specific form of 
exploitation mostly regards efforts to obscure subsequent watermark detection. Others 
regard successful over encoding using the same watermarking process at a subsequent 
time. Yet another way to perform secure digital watermark implementation is through 
"key-based" approaches. 
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o "fnrpn^ic watermark," based on 
This paper draws a disuncon between , a forensic 

p.„.ab,y-secure nre.hods, and a ..cop, con.ro>.. .r ..un.versaV. wa.emrarK wh.cH 

.o be ,ow cos, and easUy inrp.enrenred .n.o any genera, eon.pu„„s or 
t ier e,ec,ro„,c aev,ce A «a.en.ar. can be forensic ,f i, can iden„fy , e source 
da,a fro„ wbicb a copy was made. Por e.an,p,e, assunre ,ha, dismal da a are 
of ,he ..Company A'. (U,e "A disk"). Company A makes an 

stored on a disk and prov.ded to Company A ( 

unau,horized copy and dCivers the copy ,o ..company B (the B d sk , 

. ^ tHf> "A di^k " would identify the B 

watermark, if present in the digital data stored on the A d.sk, 

disk" as having been copied from the "A disk." 

on t„e other hand, a copy con.ro, or universa, watermark is an embedded srgna, 
whrcb is governed by a -key- which may be changed fa 

security, or one .hat ,s easily access.bie to dev.ces that may offer ,ess than stn t 
ryp.o^ph.c secnnty. The .un,versa,..lna.„re of *e watermark is the computahonaUy 
in^pensive me=urs for accessing or oUrer assocating the watennark w,.h oper^hor. ha. 
can Luae piayhack, recording or manipulations of Ure media in which ,t .s em edded. 

A fundamental difference is .ha. .he universality of a copy con^ol mechamsm, 
which mus. be redundan. enough to survive many sipral manipulations to eiimma.e 
mos. casua, p.racy, is at odds wi.h .he far greater prob,em of esrablishing responstb.hiy 
for a given nrstance of a suspected copymg of a copyrighted media work. The more 
dedicated pirates must be deal, wi* by encouraging 3rd party authentication w,th 
..forensic wa.ermarks.. or Urose .ha. cons.i.ute ..wnsacional watermarks.' (wh.ch are 
encoded in a given copy of said con.en. .o be wa.ennarked as per .he g,ven transacbon). 

The goal of a digiial watermark system is to insert a given informauon signal 
or signals in such a manner as to leave little or no evidence of the presence of the 
information signal in flte underlying content signal. A separate but equal goal ,s 
maximi..ng the digital watermark's encodipg level and "location sensi.ivi.y" in .he 
underlying conlent signal such that the watermark camrot be removed without damage 
to the content signal. 



One means of implementing a digital watermark ,s to use key-based security. 
A predetem.ined or random key can be generated as a map to access the hidden 
information signal. A key pair may also be used. With a typical key pair, a party 
possesses a public and a private key. The private key is maintained in confidence by 
the owner of the key, while the owner's public key is disseminated to those persons m 
the public with whom the owner would regulariy communicate. Messages being 
communicated, for example by the owner to another, are encrypted with the private key 
and can only be read by another person who possesses the corresponding public key. 
Similariy, a message encrypted with the person's public key can only be decrypted with 
the corresponding private key. Of course, the keys or key pairs may be processed m 
separate software or hardware devices handling the watermarked data. 

SUMMARY OF THE INVENTION 

A method of securing a data signal comprises the steps of: applying a data 
reduction technique to reduce the data signal into a reduced data signal; subtracting said 
reduced data signal from the data signal to produce a remainder signal; using a first 
cryptographic technique to encrypt the reduced data signal to produce an encrypted, 
reduced data signal; using a second cryptographic technique to encrypt the remainder 
signal to produce an encrypted remainder signal; and adding said encrypted, reduced 
data signal to said encrypted remainder signal to produce an output signal. 

A system for securing a data signal comprises: means to apply a data reduction 
technique to reduce the data signal into a reduced data signal; means to subtract said 
reduced data signal from the data signal to produce a remainder signal; means to apply 
a first cryptographic technique to encrypt the reduced data signal to produce an 
encrypted, reduced data signal; means to apply a second cryptographic technique to 
encrypt the remainder signal to produce an enco'pted remainder signal; and means to 
add said encrypted, reduced data signal to said encrypted remainder signal to produce 
an output signal. 
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A method of securing a data signal comprises the steps of: applying a data 
reduction technique to reduce the data signal into a reduced data signal; subtracting said 
reduced data signal from the data signal to produce a remainder signal; embedding a 
first watenTiark into said reduced data signal to produce a watermarked, reduced data 
signal; embedding a second watermark into said remainder signal to produce a 
watermarked remainder signal; and adding said watermarked, reduced data signal to 
said watermarked remainder signal to produce an output signal. 

A method of protecting a data signal comprises: applying a data reduction 
technique to reduce the data signal into a reduced data signal; subtracting said reduced 
data signal from the data signal to produce a remainder signal; using a first scrambhng 
technique to scramble said reduced data signal to produce a scrambled, reduced data 
signal; using a second scrambling technique to scramble said remainder signal to 
produce a scrambled remainder signal; and adding said scrambled, reduced data signal 
to said scrambled remainder signal to produce an output signal. 

There are two design goals in an overall digital watermarking system's low cost, 
and universality. Ideally, a method for encoding and decoding digital watermarks in 
digitized media for copy control purposes should be inexpensive and universal. This 
is essential in preventing casual piracy. On the other hand, a more secure form of 
protection, such as a "forensic watemiarks," can afford to be computationally intensive 
to decode, but must be unaffected by repeated re-encoding of a copy control watemiark. 
An ideal method for achieving these results would separate the signal into different 
areas, each of which can be accessed independently. The embedded signal or may 
simply be "watermark bits" or "executable binary code," depending on the application 
and type of security sought. Improvements to separation have been made possible by 
enhancing more of the underlying design to meet a number of clearly problematic 
issues! The present invention interprets the signal as a stream which may be split into 
separate streams of digitized samples or may undergo data reduction (including both 
lossy and lossless compression, such as MPEG lossy compression and Meridian's 
lossless compression, down sampling, common to many studio operations, or any 



related data reduction process). The streanrof data can be digital in nature, or may also 
be an analog wavefomi (such as an image, audio, video, or multimedia content). One 
example of digital data is executable bina,7 code. When applied to computer code, the 
present invention allows for more efficient, secure, copyright protection when handling 
functionality and associations with predetermined keys and key pairs in software 
applications or the machine readable versions of such code in microchips and hardware 
devices. Text may also be a candidate for authentication or higher levels of security 
when coupled with secure key exchange or asymmetric key generation between parties. 
The subsets of the data stream combine meaningfiil and meaningless bits of data which 
may be mapped or transferred depending on the application intended by the 

implementing party. 

The present invention utilizes data reduction to allow better performance in 
watermarking as well as cyptographic methods concerning binary executable code, its 
machine readable form, text and other functionality-based or communication-related 
applications. Some differences may simply be in the structure of the key itself, a 
pseudo random or random number string or one which also includes additional security 
with special one way functions or signatures saved to the key. The key may also be 
made into key pairs, as is discussed in other disclosures and patents referenced herein. 
The present invention coritemplates watermarks as a plurality of digitized sample 
streams, even if the digitized streams originate from the analog waveform itself The 
present invention also contemplates that the methods disclosed herein can be applied 
to non-digitized content. " Universally, data reduction adheres to some means of 
"understanding "the reduction. This disclosure looks at data reduction which may 
include down sampling, lossy compression, summarization or any means of data 
reduction as a novel means to speed up watermarking encode and decode operations. 
Essentially a lossy method for data reduction yields the best results for encode and 
decode operations. 

It is desirable to have both copy control and forensic watermarks in the same 
signal to address the needs of the hardware, computer, and software industries while 
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also providing for appropriate security to the owners of the copyrights. This will 
become clearer with further explanation of the sample embodiments discussed herein. 

The present invention also contemplates the use of data reduction for purposes 
of speedier and more tiered fomis of security, including combinations of these methods 
with transfer function functions. In many applications", transfer functions (e.g., 
scrambling), rather than mapping functions (e.g., watermarking), are preferable or can 
be used in conjunction with mapping. With "scrambling," predetermined keys are 
associatediWith transfer functions instead of mapping functions, although those skilled 
in the art may recognize that a transfer function is simply a subset of mask sets 
encompassing mapping functions. It is possible that tiered scrambling with data 
reduction or combinations of tiered data reduction with watermarking and scrambling 
may indeed increase overall security to many applications. 

The use of data reduction can improve the security of both scrambling and 
watermarking applications. All data reduction methods include coefficients which 
affect the reduction process. For example, when a digital signal with a time or space 
component is down sampled, the coefficient would be the ratio of the new sample rate 
to the original sample rate. Any coefficients that are used in the data reduction can be 
randomized using the key, or key pair, making the system more resistant to analysis. 
Association to a predetermined key or key pair and additional measure of security may 
include biometric devices, tamper proofing of any device utilizing the invention, or 
other security measures. . 

Tests have shown that the use of data reduction in connection with digital 
watermarking schemes significantly reduces , the time required to decode the 
watermarks, permitting increases in operational efficiency. 

Particular implementations of the present invention, which have yielded 
incredibly fast and inexpensive digital watermarking systems, will now be described. 
These systems may be easily adapted to consumer electronic devices, general purpose 
computers, software and hardware. The exchange of predetermined keys or key pairs 
may facilitate a given level of security. Additionally, the complementary increase in 



0 



security for those ,™plemema.ions whete transfer functions arc used ,0 "scrBmble" data, 
is also disclosed. 

BRIEF DESCRIPTION OF THE DRAWINGS 

For a more complete understandmg of the invention and some advantages 
thereof, reference .s now made to the following descriptions taken m com.ect.on wUh 
the accompanying drawings in which: 

FIG. 1 is a fmictional block diagram that shows a signal processing system that 
generates "n" remainder signals and "n" data reduced signals. 

FIG 2 is a functional block diagram for an embodiment of the present invention 
which Ulustrates the generation of an output signal comprised of a data-reduced, 
watermarked signal and a first remainder signal. 

FIG 3 is a functional block diagram for an embodiment of the present mvention 
which illustrates the generation of an output signal comprised of a data-reduced, 
watermarked signal and a watermarked, first remainder signal. 

FIG. 4 is a functional block diagram for decoding the output signal generated 

by the system illustrated in FIG. 2. 

FIG. 5 is a functional block diagram for decoding the output signal generated 

by the system illustrated in FIG. 3. 

FIG 6 is a functional block diagram for an embodiment of the present invention 
which illustrates the generation of an output signal comprised of a data-reduced, 
scrambled signal and a first remainder signal. 

FIG 7 is a functional block diagram for an embodiment of the present invention 
which illustrates the generation of an output signal comprised of a data-reduced, 
scrambled signal and a scrambled, first remainder signal. 

FIG. 8 is a functional block diagram for decoding the output signal generated 

by the system illustrated in FIG. 6. 

FIG. 9 is a functional block diagram for decoding the output signal generated 

by the system illustrated in FIG, 7. 
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DETAILED DESCRIPTION 

The embodiments of the present invention and its advantages are best 
understood by referring to the drawings, like numerals being used for like and 
corresponding parts of the various drawings. 

An Overview 

A system for achieving multiple levels of data reduction is illustrated in FIG. 
1 . An input signal 10 (for example, instmctional text, executable binary computer code, 
images, audio, video, multimedia or even virtual reality imaging) is subjected to a first 
data reduction teclinique 100 to generate a first data reduced signal 20. First data 
reduced signal 20 is then subtracted from input signal 1 0 to generate a first remainder 
signal 30. 

First data reduced signal 20 is subjected to a second data reduction technique 
101 to generate a second data reduced signal 21 . Second data reduced signal 21 is then 
subtracted fi-om first data reduced signal 20 to generate a second remainder signal 31 . 

Each of the successive data reduced signals is, in turn, subjected to data 
reduction techniques to generate a further data reduced signal, which, in turn, is 
subtracted fi-om its respective parent signal to generate another remainder signal. This 
process is generically described as follows. An (n-1) data.reduced signal 28 (i.e, a 
signal that has been data reduced n-1 times) is subjected to an nth data reduction 
technique 109 to generate an nth data reduced signal 29. The nth data reduced signal 
29 is then subtracted from the (n-1 ) data reduced signal 28 to produce an n'" remainder 
signal 39. 

An output signal can be generated from the system illustrated in FIG. 1 in 
numerous ways. For example, each of the n remainder signals (which, through 
represented by reference numerals 30-39, are not intended to be limited to 10 signals) 
and the n'" data signal may optionally subjected to a watermarking technique, or even 
optionally subjected to a encryption technique, and each of the (n+1) signals (whether 



wa,en,,arked or enabled, or chemise untouched, may .hen be added together to fonn 
an output signal. By way oftnore particular example., each of the (n.l ) signals (t.e., 
the n rematnder signals and the n* data reduced signal) can be added together without 
any encryption or watermarking to form an output signal; or one or more of .he („.l) 
signals may be watennarked and then all (n+1) signals may be added togeUter; or one 
or more of .he (n.i) signals may he encrypted and then ail (n+1) signals may be added 
together It is anttcipa.ed that between these three extremes lie numerous hybnd 
combinations involving one or more encryptions and one or more watemtarkmgs. 

Each level may be used to represent a particular data density. E.g., .f the 
reduction method is down-samphng. for a DVD audio signal the f.rst row would 
represem data sampled a, 96 kHz, the second at 44.1 kHz., the third a, 6 kHz., eta 
There is only an issue of deeding what perfomtance or secunty needs are contemplated 
when undertaking the data reduction process and choice of which types of keys or key 
pairs should be associated with the signal or data to be reduced. Further security can 
be increased by including block ciphers, special on. way functions, one time stamps or 
even biometnc devices in the software or hardware devices that can be embodted. 
Passwords or btometric data are able to assist in the detemtinalion of the idenUty of the 
user or owner of the data, or some relevant identifying information. 

An example of a real world application is helpful here. Given the predominant 
concern at present, of MPEG 1 Layer 3, or MP3, a percephtal lossy compression audio 
daut fonnat, which has contributed to a dramatic re-evaluation of the distribu.ton of 
music a dtgital watermark system must be able ,0 handle casual and more dedtcated 
ptracy in a consistent manner. The present invention contemplates compatibthty w,.h 
MP3 us wen as any perceptual coding technique that is technically similar. One tssue, 
is to enable a universal copy control -key" detect a watermark as quickly as posstble 
f^om a huge range of perceptual quality measures. For instance, DVD 24 bit 96 kHz, 
encoded watermarks, should be detected in at least "real time.- even:after the si^al has 
been down sampled, to say 12 kHz of the 96 kHz originally referenced. By dehneattng 
and starting with less data, since the data-reduced signal is obviously smaller though 
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Still related perceptually to the original DVD signal, dramatic increases in the speed and 
survival of the universal copy control bits can be achieved. The present invention also 
permits the ability to separate any other bits which may be associated with other more 
secure predetermined keys or key pairs. 

Where the data stream is executable computer code, the present invention 
contemplates breaking the code into objects or, similar units of functionality and 
allowing: for determination of what is functionally important. This may be more 
apparentito the developer or users of the software or related hardware device. Data 
reduction through the use of a subset of the functional objects related to the overall 
fiinctionality of the software or executable code in hardware or microchips, increase the 
copyright protection or security sought, based on reducing the overall data to be 
associated with predetennined keys or key pairs. Similarly, instead of mapping 
functions, transfer functions, so-called "scrambling." appear better candidates for this 
type of .security although both mapping and transferring may be used in the same 
system. By layering the security, the associated keys and key pairs can be used to 
substantially improve the security and to offer easier methods for changing which 
functional "pieces" of executable computer code are associated with which 
predetermined keys. These keys may take the form of time-sensitive session keys, as 
with transactions or identification cards, or more sophisticated asymmetric public key 
pairs which may be changed periodically to ensure the security of the parties' private 
keys. These keys may also be associated with passwords or biometric applications to 
further increase the overall security of any potential implementation. 

An example for text message exchange'is less sophisticated but, if it is a time 
sensitive event, e.g., a secure communication b'etween two persons, benefits may also 
be encountered here. Security may also be sought in military communications. The 
ability to associate the securely exchanged keys or key pairs while performing data 
reduction to enhance the detection or decoding performance, while not compromising 
the level of security, is important. Though a steganographic approach to security, the 
present invention more particularly addresses the ability to have data reduction to 



IP 



increase speed, security, and perfom.ance of a given steganograph.c system. 
Additionally, data reduction affords a more layered approach when associating 
individual keys or key pairs with individual watei-mark bits, or digital signature bits, 
which may not be possible without reduction because of considerations of time or the 
payload of what can be cairied by the overall data "covertext" being transmitted. 

Layering through data reduction offers many advantages to those who seek 
privacy and copyright protection. Serialization of the detection chips or software would 
allow for more secure and less -universal" keys, but the interests of the copyright 
owners are not always aligned with those of hardware or software providers. Similariy, 
privacy concerns limit the amount of watermarking that can be achieved for any given 
application. The addition of a pre-detenTiined and cryptographic key-based "forensic" 
watermark, in software or hardware, allows for 3rd party authentication and provides 
protection against more sophisticated attacks on the copy control bits. Creating a "key 
pair" from the "predetermined" key is also possible. 

Separation of the watermarks also relates to separate design goals. A copy 
control mechanism should ideally be inexpensive and easily implemented, for example, 
a fom. of "Streamed watermark detection." Separating the watermark also may assist 
more consistent application in broadcast monitoring efforts which are time-sensitive and 
ideally optimized for quick detection of watermarks. In some methods, the structure 
of the key itself, in addition to the design of the "copy control" watermark, will allow 
for few false positive results when seeking to monitor radio, television, or other 
streamed broadcasts (including, for example, Internet) of copyrighted material. As well, 
inadvertent tampering with the embedded signal proposed by others in the field can be 
avoided more satisfactorily. Simply, a universal copy control watermark may be 
universal in consumer electronic and general computing software and hardware 
implementations, but less universal when the key st,-ucture is changed to assist in being 
able to log streaming, perfomiance, or downloads, of copyrighted content. The 
embedded bits may actually be paired with keys in a decode device to assure accurate 
broadcast monitoring and tamper proofing, while not requiring a watemiark to exceed 



BNSDOCID: <WO 0057643A1_I_> 



wo 00/57643 



12 



PCT/USOO/06522 



the payload available in an inaudible embedding process. E.g., A full identification of 
the song, versus tmie-based digital signature bits, embedded into a broadcast signal, 
may not be recovered or may be easily over encoded without the use of block ciphers, 
special one way functions or one time pads, during the encoding process, prior to 
broadcast. Data reduction as herein disclosed makes this operation more efficient at 
higher speeds. 

A forensic watermark is not time sensitive, is file-based, and does not require 
the same speed demands as a streamed or broadcast-based detection mechanism for 
copy control use. Indeed, a forensic watermark detection process may require 
additional tools to aid in ensuring that the signal to be analyzed is in appropriate scale 
or size, ensuring signal characteristics and heuristic methods help in appropriate 
recovery of the digital watermark. Simply, all aspects of the underlying content signal 
should be considered in the embedding process because the watermarking process must 
take into.account all such aspects, including for example, any dimensional or size of the 
underlying content signal. The dimensions of the content signal may be saved with the 
key or key pair, without enabling reproduction of the unwatermarked signal. Heuristic 
methods may be used to ensure the signal is in proper dimensions for a thorough and 
accurate detection authentication and retrieval of the embedded watermark bits. Data 
reduction can assist in increasing operations of this nature as well, since the data 
reduction process may include information about the original signal, for example, signal 
characteristics, signal abstracts, differences between samples, signal patterns, and 
related work in restoring any given analog waveform. 

The present invention provides benefits, not only because of the key-based 
approach to the watermarking, but the vast increase in performance and security 
afforded the implementations of the present invention over the performance of other 
systems. 

The architecture of key and key-pair based watermarking is superior to 
statistical approaches for watermark detection because the first method meets an 
evidentiary level of quality and are mathematically provable. By incorporating a level 



of data reducion, key and key paired based wa.em,ark,ng is further improved. Sueh 
levels ofsecurhy are plainly necessary if digital watermarks are expected to establ.sh 
respo„s,bility for copies cf copynghted works in evidentiary proceedings. More 
sophisticated measures of trust are necessaty for use in areas whtch exceed the scope 
of copyright but are more factually based in legal proceedmgs. These areas may tnclude 
text authentication or software protection (extending into the realm of secunng 
microchip designs and cotppiled hardware as well) in the examples provided above and 
are not contemplated by any disclosure or work in the art. 

The present invention may be implemented with a variety of cryptographtc 
protocols to tncrease both confidence and security in the underlying system. A 
predetetmined key is described as a set of masks: a plurality of mask sas. These masks 
may include primary, corivolu.ion and message dehmtters bu, may extend m.o 
additional domains. In previous disclosures, the tactionali.y of theseimasks is defined 
solely for mapping. Public and private keys may be used as key pairs to further 
increase .be unlikeliness .hat a key may be compromised.- Examples of public key 
e^.osystems may be found m the following U.S. Patents Nos: 4,200.770; 4.218.582; 
4 405 829- and 4,424.4. 4, which examples are incorporated herein by reference. Pnor 
,o encoding, the masks described above are generated by a cryptographically secure 
random generation process. Mask sets may be limited only by .he number of 
dimensions and amount of er^r con-eCion or concealment sough., as has been 

previously disclosed. 

A block cipher, suih as DBS. in combination with a sufficiently random seed 
value emulates a c,7P.ographically secure random bi< generator. These keys, or key 
pairs will be saved along with information matching them .o .he sample s.ream ,n 
ouestion in a da.abase for use in subsequen. detection or decode opefafion. These same 
cryptographtc protocols may be combined wi.h .he embodimeh.s of .he presen. 
invenfion in administering streamed content tha. requires aurhorized keys .o correCly 
display or play said srreamcd con.en. m an unscrambled manner. As wi.h digital 
watermarking, symmetrtc or asymme.ric public key pairs may be used in a variety of 
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implementations. Additionally, the need for certification authorities to maintain 
authentic key-pairs becomes a consideration for greater security beyond symmetric key 
implementations, where transmission security is a concern. 

■Signal Processing in a Multi-watermark System ( A Plurality of Streams May Be 
Watermarked) 

FIG. 2 illustrates a system and method of implementing a multiple-watermark 
system. An input signal 1 1 (e.g., binary executable code, instruction text, or other data), 
is first processed by a lossy data-reduction scheme 200 (e.g., down-sampling, bit-rate 
reduction, or compression method) to produced a data-reduced signal 40. Data-reduced 
signal 40 is then embedded with a watermark (process step 300) to generate a 
watermarked, data-reduced signal 50, while a copy of the unmarked, data-reduced 
signal 40 is saved. 

The saved, unwatermarked data-reduced signal (signal 40) is subtracted from 
the original input signal 1 1, yielding a remainder signal 60 composed only of the data 
that was lost during the data-reduction. A second watermark is then applied (process 
step 301) to remainder signal 60 to generate a watermarked remainder signal 70. 
Finally, the watermarked remainder 70 and the watermarked, data-reduced signal 50 are 
added to form an output signal 80, which is the final, full-bandwidth, output signal. 

The two watermarking techniques (process steps 300 and 301) may be identical 
(i.e., be functionally the same), or they may be different. 

To decode the signal, a specific watermark is targeted. Duplicating the data- 
reduction processes that created the watennark in some cases can be used to recover the 
signal that was watermarked. Depending upon the data-reduction method, it may or 
may not be necessary to duplicate the data-reduction process in order to read a 
watennark embedded in a remainder signal. Because of the data-reduction, the 
decoding search can occur much faster than it would in a full-bandwidth signal. 
Detection speed of the remainder watermark remains the same as if there were no other 
watermark present. 



FIG. 4 illustrates a functional block diagram for one means of decoding the 
output signal generated by the system illustrated in FIG. 2. A signal to be analyzed 80 
(e.g., the same output from FIG. 2) is processed by a data-reduction scheme 200. Data 
reduced signal 41 can then be decoded to remove the message that was watemiarked in 
the original data reduced signal. Further, data reduced signal 41 can be subtracted from 
signal to be analyzed 80 to form a differential signal 61 which can then be decoded to 
remove the message that was watermarked in the original remainder signal. A decoder 
may only be able to perform one of the two decodings. Differential access and/or 
different keys may be necessary for each decoding. 

Additionally, the watermarking described in connection with this embodiment 
above may be done with a plurality of predetermined keys or key pairs associated with 
a single watermark "message bit," code object, or text. 

9i\or.^\ Proce'^'^i"" a Sing!'' Wate rmark System 

FIG. 3 illustrates a system and method of implementing a single watermark 
system The process and system contemplated here is identical to process described in 
com^ection to FIG. 2, above, except that no watermark .s embedded in the remamder 
signal Hence, the watermarked, data-reduced signal 50 .s added directly to the 
remainder signal 60 to gerierate an output signal 90. Additionally, the watermarkmg 
described in com^ection with th,s embodiment above may be done with a plurality of 
predetermined keys or key pairs associated with a single watermark "message bit." code 
object, or text. 

In either process, an external key can be used to control the insertion location 
of either watermark. In a copy-control system, a key is not generally used, whereas m 
a forensic system, a key must be used. The key can also control the parameters of the 
data-reduction scheme. The dual scheme can allow a combination of copy-control and 
forensic watermarks in the same signal. A significant feature is that the copy-control 
watennark can be read and rewritten without affecting the forensic mark or 
compromising its security. 
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FIG. 5 illustrates a functional block diagram for one means of decoding the 
output signal generated by the system illustrated in FIG. 3. A signal to be analyzed 90 
(e.g., the same output from FIG. 3) is processed by a data-reduction scheme 200. Data 
reduced signal 41 can then be decoded to remove the message that was watem.arked m 
the original data reduced signal. 

^^^T>.^..ecino in . Mult-scram bler System (A Plurality of Streams May Be 
<sr.rambled) 

FIG. 6 illustrates a system and method of implementing a multi-scrambler 
system. An input signal 12 (e.g., binary executable code, instruction text, or other data), 
is first processed by a lossy data-reduction scheme 400 (e.g., down-sampling, b,t-rate 
reduction, or compression method) to produced a data-reduced signal 45 . Data-reduced 
signal 45 is then scrambled using a first scrambling technique (process step 500) to 
generate a scrambled, data-reduced signal 55, while a copy of the unscrambled, data- 

reduced signal 45 is saved. 

The saved, unscrambled data-reduced signal (signal 45) is subtracted from the 
original input signal 12, yielding a remainder signal 65 composed only of the data that 
was lost during the data-reduction. A second scrambling technique is then applied 
(process step 501) to remainder signal 65 to generate a scrambled remainder signal 75. 
Finally, the scrambled remainder signal 75 and the scrambled data-reduced signal 55 
are added to form an output signal 85, which is the final, full-bandwidth, output signal. 

The two scrambling techniques (process steps 500 and 501) may be identical 
(i.e., be functionally the same), or they may be different. 

Additionally the scrambling described in connection with this embodiment may 
be done with a plurality of predetermined keys or key pairs associated with a single 
scrambling operation containing only a "message bit," code object, or text. 



To decode the signal, unscrambling follows the exact patten, of the scrambling 
process except that the n.verse of the scrambling transfer function is applied to each 
portion of the data, thus returning U to its pre-scrambled state. 

FIG 8 illustrates a functional block diagram for one means of decodmg the 
output signal generated by the system illustrated in FIG. 6. A signal to be analyzed 85 
(e g the same output fiom FIG. 6) is processed by a data-reduction scheme 200. Data 
reduced signal 46 can be subtracted from signal to be analyzed 85 to fon. a differential 
signal 66, which signal can then be descrambled in process 551 using the mverse 
transfer function of the process that scrambled the original remamder signal (e.g., the 
inverse of scrambling process 501). Descrambling process 551 generates an 
descrambled sigi.al 76. Data reduced signal 46 may further be descrambled m process 
550 using the inverse transfer function of the process that scrambled the original data 
reduced signal (e.g., the inverse of scrambhng process 500). Descrambling process 550 
generates an descrambled signal 56, which may then be added to descrambled signal 
76 to form an output signal 98. 

Si ym^l ProcesFi "P in ^ Rincle Scrambling Operation 

FIG- 7 illustrates a system and method of implementing a single scrambling 
system The process and system contemplated here is identical to process described in 
connection to FIG. 6, above, except that no scrambling is applied to the remainder 
signal. Hence, the scrambled data-reduced signal 55 is added directly to the remainder 
signal 65 to generate an output signal 95. 

Additionally the scrambling described in comiection with this^embodiment may 
be done with a plurality of predetermined keys or key pan s associated with a single 
scrambling operation containing only a "message bit." code object,,or text. 

FIG 9 illustrates a functional block diagram for one means of decoding the 
output signal generated by the system illustrated in FIG. 7. A signal to be analyzed 95 
(e g the same output from FIG. 7) is processed by a data-reduction' scheme 200. Data 
reduced signal 46 can be subtracted from signal to be analyzed 95 to fon. a differential 
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signal 66. Data reduced signal 46 may further be descrambled in process 550 using the 
inverse transfer function of the process that scrambled the original data reduced signal 
(e.g., the inverse of scrambling process 500). Descrambling process 550 generates an 
descrambled signal 56, which may then be added to differential signal 66 to form an 
output signal 99. 



Sam ple Embodiment: Combinations 

Another embodiment may combine both watermarking and scrambling with 
data reduction. Speed, performance and computing power may influence the selection 
of which techniques are to be used. Decisions between data reduction schemes 
ultimately must be measured against the types of keys or key pairs to use, the way any 
pseudo random or random number generation is done (chaotic, quantum or other 
means), and the amount of scrambling or watermarking that is necessary given the 

needs of the system. 

It is quite possible that some derived systems would yield a fairly large decision 
tree, but the present invention offers many benefits to applications in security that are 
not disclosed in the art. 

Conclusions 

Data signals fall into two categories: those which can undergo lossy data 
reduction and remain functional and those which cannot. Audio, images, video are 
examples of the first. Computer code is an example of the second. In general, all 
members of the first category contain an aesthetic component, which may be reduced 
and/or manipulated during a data reduction, in addition to a functional component 
which serves to identify the signal. For example, an audio signal may have noise added 
while still remaining recognizably identifiable as a particular song. However, beyond 
a certain point, the addition of more noise will cause the signal to become 
unidentifiable, thus impairing the functional character of the signal. In the absence of 



an aesthetic component, as with computer code where every bit of data is necessary, 
lossy compression that retains functionality is not possible. 

Signals in the first catego;-y are the only candidates for watermarking. A 
watermark is a distortion of the aesthetic component, generally of an imperceptible 
nature. This category will gam speed benefits during the watermark decoding process 
when a lossy data-reduction method is used as described above. 

Scrambling, on the other hand, may be applied to any signal, regardless of its 
aesthetic component, since it allows for perfect reconstruction of the original signal. 
A scrambling system can be made more secure by applying a data reduction method 
prior to scrambling, even if this data reduction makes the intermediate signals non- 
functional, as is the case with signals in category two. 

Data reduction can make both watermarking and scrambling more secure. Data 
reduction can also speed the decoding process for watemiarks. Finally, data reduction 
can allow natural channelization of watermarks for different purposes. 

While the invention has been particularly shown and described in the foregoing 
detailed description, it will be understood by those skilled in the art that various other 
changes in fom. and detail may be made without departing from the spirit and scope of 
the invention. 
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WHAT IS CLAIMED IS: 

1 A method of securing a data signal comprising: 

applying a data reduction technique to reduce the data signal into a reduced data 

signal; 

subtracting said reduced data signal from the data signal to produce a remainder 

signal; 

embedding a first watermark into said reduced data signal to produce a 

watermarked, reduced data signal; 

embedding a second watermark into said remainder signal to produce a 

watermarked remainder signal; and 

adding said watermarked, reduced data signal to said watermarked remainder 

signal to.produce an output signal. 

2. The method of claim 1 wherein the step of subtracting is comprised of 
storing a copy of the data signal; and 

subtracting said reduced data signal from the copy of the data signal to produce 
a remainder signal. 

3. The method of claim 1 , wherein at least one of the watermarks is embedded 
using at least one key. 

4. The method of claim 1 , wherein at least one of the watermarks is embedded 

using a key pair. 

5. The method of claim 4, wherein one key of the key pair is publicly available 
while the other key of the key pair is secret. 

6. A method of protecting a data signal comprising: 

applying a data reduction technique to reduce the data signal into a reduced data 

signal; 

subtracting said reduced data signal from the data signal to produce a remainder 

signal; 

embedding a first watermark into said reduced data signal to produce a 
watermarked, reduced data signal; and 



6 



adding said watermarked, reduced data signal to said remainder signal to 

produce an output signal. , ^ a 

7. The method of claim 6 wh,rei„ .he s.ep of adding .aid wa.e^arked. reduced 

data signal lo said remainder signal comprises: 

embedding a second watermark into said remainder s.gna, to produce a 
watermarked remainder signal; and 

adding satd wa.ennarked, reduced data signal to said wa.ennafked rematnder 

signal to p.X)duce an output signal. 

8. The method of claim,7. wherein at least one of the watermarks ,s embedded 

using at least one key. 

9. The method of claim 7, wherein a, least one of the watermarks is embedded 

using a key pair. 

,0. The method of claim 9. wherein one key of the key patr ,s pubhcly avatlable 

while the other key of the key pair is secret. 
1 1 A method of protecting a data signal: 

applying a data reduction tectatique to reduce dre data signal tnto a reduced data 

signal; 



signal; 



subtracting said reduced data signal ftom the data signal to produce a remainder 

using a firs, serambUng technique to scramble said reduced data signal to 
produce a scrambled, reduced data signal; 

using a second scrambling technique to scramble said remainder s.gnal to 
produce a scrambled remainder signal; and . , . , 

. adding said scrambled, reduced data signal to said scrambled rematnder stgnal 
to produce an output signal. 

n. The method of claim 1 1 wherein said fn.t and second scrambling techn.ques are 



dentical. 
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13. A method of securing a data signal comprising: 

applying a data reduction technique to reduce the data signal into a reduced data 

signal; 

subtracting said reduced data signal from the data signal to produce a remainder 

signal; 

using a first cryptographic technique to encrypt the reduced data signal to 
produce an encrypted, reduced data signal; 

using a second cryptographic technique to encrypt the remainder signal to 
produce an encrypted remainder signal; and 

adding said encrypted, reduced data signal to said encrypted remainder signal 
to produce an output signal. 

1 4. The method of claim 1 3 wherein said first and second cryptographic techniques 
are identical. 

15. The method of claim 13 wherein at least one of said first and second 
cryptographic techniques is a watermarking technique. 

1 6. The method of claim 15, wherein at least one of the watermarks is embedded 
using at least one key. 

1 7 The method of claim 1 5 , wherein at least one of the watermarks is embedded 

using a key pair. 

18. The method of claim 13 wherein at least one of said first and second 
cryptographic techniques is a scrambling technique. 

19. The method of claim 13 wherein one of said first and second cryptographic 
techniques is a watermarking technique and the other is a scrambling technique. 

20. The method of claim 13 wherein said first and second cryptographic techniques 
are identical. 

21 . A system for securing a data signal comprising: 

means to apply a data reduction technique to reduce the data signal into a 

reduced data signal; 



means to subtract said reduced data signal from ihc data signal to produce a 
remainder signal; 

means to apply a first cryptographic technique to encrypt the reduced data signal 
to produce an encrypted, reduced data signal; 

means to apply a second cryptographic technique to encrypt the remainder 
signal to produce an encrypted remainder signal; and 

means to add said encrypted, reduced data signal to said encrypted remainder 
signal to produce an output signal. 

22. The system of claim 21 wherein said first and second cryptographic techniques 

are identical. 

23. The system of claim 21 wherein at least one of said means to apply a first and 
second cryptographic technique utilizes a watermarking technique. 

24. The system of claim 21 wherein at least one of said means to apply a first and 
second cryptographic technique utilizes a scrambling technique. 

25. The system of claim 13 wherein said means to apply a first cryptographic 
technique is a means to apply a watermarking technique and said means to 
apply a second cryptographic technique is a means to apply a scrambling 
technique. 
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